In yet another massive security breach, data of over 50 million Facebook users have been exposed following a massive security breach by unknown hackers.
In a statement, Facebook CEO Mark Zuckerberg said that the precautionary measure taken by the social media giant has impacted another 40 million users.
It is feared that a significant number of affected users are from India, given the fact the company has the maximum 270 million users in the country.
However, Facebook did not respond to the question on the number of accounts affected in India, reported PTI.
In his statement, Zuckerberg said; "on Tuesday afternoon, our engineering team found an attack affecting up to 50 million accounts on Facebook. The attackers exploited a vulnerability in the code of the View As feature which is a privacy feature that lets people see what their Facebook profile would look like to another person".
"The vulnerability allowed the attackers to steal Facebook access tokens - which are the equivalent of a digital key - which the attackers could have used to take over or access people's accounts," he said.
Stressing that the investigation into the incident was still at a nascent stage, Zuckerberg said the social media giant does not know if any of the accounts were misused or who was behind the cyberattacks.
"So far, our initial investigation has not shown that these tokens were used to access any private messages or posts or to post anything to these accounts."
He said Facebook has taken steps to patch the security flaw to prevent this attacker - or any other attacker - from being able to steal additional access tokens.
Facebook has invalidated access tokens for the accounts, causing those users to be logged out.
"These people will now have to log back in to access their accounts again and we will also notify these people in a message on top of their News Feed about what happened when they log back in," the chief executive officer said.
In addition to getting in touch with law enforcement agencies, including the FBI, Zuckerberg said Facebook is logging out all users who used the "View As" feature since the flaw was introduced last year as a precautionary measure.
"This will require another 40 million people - or more - to log back into their accounts," he said.
"This is a really serious security issue. And we're taking it really seriously. We have a major security effort at the company that hardens all of our surfaces, and investigates issues like this," he said in response to a question.
"In this case I'm glad that we found this and that we were able to fix the vulnerability and secure the accounts. But it definitely is an issue that this happened in the first place," he said.
Gary Rosen, vice president pf product management at Facebook, said in all 90 million users would have to log back in. "After they have logged back in, people will get a notification at the top of their News Feed explaining what happened," he said.
Facebook said users don't need to change their passwords.
The latest security breach is a major setback to the social media giant who faced severe criticism from all quarters post the Cambridge Analytica data hack scandal wherein Facebook shared the data of more than 87 Mn users, including 5.62 Lakh Indian users with the UK based firm.